Red Hat SummitDieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.
14.2. Types
The main permission control method used in SELinux targeted policy to provide advanced process isolation is Type Enforcement. All files and processes are labeled with a type: types define a SELinux domain for processes and a SELinux type for files. SELinux policy rules define how types access each other, whether it be a domain accessing a type, or a domain accessing another domain. Access is only allowed if a specific SELinux policy rule exists that allows it.
The following types are used with OpenShift. Different types allow you to configure flexible access:
Process types
openshift_t- The OpenShift process is associated with the
openshift_tSELinux type.
Types on executables
openshift_cgroup_read_exec_t- SELinux allows files with this type to transition an executable to the
openshift_cgroup_read_tdomain. openshift_cron_exec_t- SELinux allows files with this type to transition an executable to the
openshift_cron_tdomain. openshift_initrc_exec_t- SELinux allows files with this type to transition an executable to the
openshift_initrc_tdomain.
Writable types
openshift_cgroup_read_tmp_t- This type allows OpenShift control groups (cgroup) read and access temporary files in the
/tmp/directory. openshift_cron_tmp_t- This type allows storing temporary files of the OpenShift cron jobs in
/tmp/. openshift_initrc_tmp_t- This type allows storing the OpenShift
initrctemporary files in/tmp/. openshift_log_t- Files with this type are treated as OpenShift log data, usually stored under the
/var/log/directory. openshift_rw_file_t- OpenShift have permission to read and to write to files labeled with this type.
openshift_tmp_t- This type is used for storing the OpenShift temporary files in
/tmp/. openshift_tmpfs_t- This type allows storing the OpenShift data on a tmpfs file system.
openshift_var_lib_t- This type allows storing the OpenShift files in the
/var/lib/directory. openshift_var_run_t- This type allows storing the OpenShift files in the
/run/or/var/run/directory.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}